Privacy Policy

Date: 5th March, 2024

Table of contents:

1) Basic information on data processing and legal bases
2) Security measures
3) Disclosure of data to third parties and third party providers
4) Provision of contractual services
5) Establishing contact
6) Collection of access data and log files
7) Cookies & range measurement
8) Integration of third-party services and content
9) Users' rights
10) Deletion of data
11) Changes to the data protection declaration
12) Right of objection

Person responsible

Data Protection Officer:

1. Basic information on data processing and legal bases

a. This Privacy Policy informs you about the type, scope and purpose of processing personal data within our service offering and the associated websites, functions and contents (hereinafter jointly referred to as online offer or website). This Privacy Policy applies regardless of the domains, systems, platforms and end devices (e.g. desktop or mobile) on which the online offer is executed.
b. The terms used, such as personal data or their processing, refer to the definitions in Art. 4 of the General Data Protection Regulation (GDPR).
c. The personal data of users processed within the scope of this online offer include inventory data (e.g. names and addresses of customers), contract data (e.g. services used, names of agents, payment information), usage data (e.g. websites visited on our online offer, interest in our products) and content data (e.g. entries in the contact form), as well as job application data.
d. The term user covers all categories of data subjects. These include our business partners, customers, prospective customers, job applicants and other visitors to our online offering. The terms used, such as user, are to be understood as gender-neutral.
e. We process personal data of users only in compliance with the relevant data protection regulations. This means that user data will only be processed if legal permission has been obtained. This means in particular if data processing is necessary for the provision of our contractual services (e.g. processing of orders) as well as online services, or is required by law, if the user has given his or her consent, or if our legitimate interests (i.e. interest in the analysis, optimization and economic operation and security of our online services within the scope of Art. 6(1)(f) GDPR, in particular for range measurement, creation of profiles for advertising and marketing purposes, collection of access data and use of third-party services.
f. We point out that the legal basis of the consent is Art. 6 (1)(a) and Art. 7 GDPR, the legal basis for the processing for the fulfilment of our services and implementation of contractual measures is Art. 6 (1)(b) GDPR, the legal basis for processing to fulfil our legal obligations is Art. 6 (1)(c) GDPR and the legal basis for processing to protect our legitimate interests is Art. 6 (1)(f) GDPR.

2. Safety precautions

a. We take organizational, contractual and technical security measures seriously, in accordance with current technical capabilities. This is to ensure that the regulations of data protection laws are observed, and thus protect the data processed against accidental or intentional manipulation, loss, destruction, or access by any unauthorized persons.
b. The security measures include the encrypted transmission of data between your browser and our servers.

3. Disclosure of data to third parties

a. Data will only be passed on to third parties within the framework of legal requirements. We only pass on user data to third parties if, for example, this is necessary for contractual purposes on the basis of Art. 6 (1)(b) GDPR or on the basis of legitimate interests pursuant to Art. 6 (1)(f) GDPR on economic and effective business operations.
b. If we use subcontractors to provide our services, we take appropriate legal precautions, technical and organisational measures to ensure the protection of personal data in accordance with legal regulations.
c. If content, tools or other means from external providers (hereinafter jointly referred to as third party providers) are used within the scope of this data protection declaration, it is to be assumed that data is transferred to the country in which the third provider has their registered office.
Should data be transferred to a third country or an international organisation, it will be ensured before the transfer of the data that suitable guarantees in accordance with Art. 44 et seq. of the DSGVO are available for the recipient. Third countries are considered to be where GDPR is not directly applicable, i.e. in principle countries outside of the EU or the European Economic Area.

4. Performance of contractual services

a. We process inventory data (e.g. names and addresses as well as contact data of users), contract data (e.g. services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services pursuant to Art. 6 (1)(b) GDPR.
b. Users can opt to create their own user account, in particular for accessing the course content. During the registration process, the required information will be communicated to the user. The user accounts are not made public and cannot be indexed by search engines. If user terminate their account, their data will be deleted, subject to storage for commercial or tax reasons according to Art. 6 (1)(c) GDPR. It is the user’s responsibility to save their data, before the end of the contract, if they have given notice of termination. We are entitled to irretrievably delete all user data stored during the term of the contract.

5. Establishing contact

a. When contacting us (via contact forms or e-mail), the user's details are processed for conducting the enquiry request and its handling in accordance with Art. 6 (1)(b) GDPR.
b. User information can be stored in our Customer Relationship Management System (CRM System).
c. We use an internal CRM system, developed by Fast Lane Institute for Knowledge Transfer GmbH, based on our legitimate interests.

6. Collection of access data and log files

a. We collect data on the basis of our legitimate interests within the scope of Art. 6 (1)(f) GDPR. This is carried out through our servers within our secure Data Centers. Access data includes the name of the accessed website, file, date and time of access, transferred data volume, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address, and the requesting provider.
b. Log file information is stored for a maximum of seven days for security reasons (e.g. to investigate misuse or fraud) and then deleted. Data which is required for further storage, for review or evidentiary purposes, is excluded from deletion until the respective incident has been clarified.

7. Cookies & range measurement

a. Cookies are pieces of information that is transferred from our web servers, or third party web servers, to the user's web browser and stored there for later retrieval.
b. Users will be informed about the use of cookies within the scope of this data protection declaration.
c. If users do not want cookies to be stored on their computer, they are asked to deactivate the corresponding option in the system settings of their browser. Stored cookies can be deleted in the system settings of the browser. The exclusion of cookies can lead to functional restrictions.

By law, we may store cookies on your device if they are strictly necessary for the operation of this site. For all other cookie types, we need your permission.

This site uses different types of cookies. Some cookies are placed by third parties that appear on our pages.

You can change or withdraw your consent at any time from the cookie statement on our site.

Essential

Essential cookies help make a website usable by enabling basic functions like course bookings and access to secure areas of the website. The website cannot function properly without these cookies.

8. Integration of third-party services and content

a. We use content or service offers from third parties within our online offering (i.e. interest in the analysis, optimization and economic operation of our online offering within the meaning of Art. 6 para. 1 lit. f. DSGVO) on the basis of our legitimate interests in order to integrate their content and services, e.g. videos or fonts (hereinafter uniformly referred to as content).
b. This always presupposes that the third party providers of this content perceive the IP address of the users, since without the IP address they could not send the content to their browser. The IP address is therefore required for the display of this content. We make every effort not to use website content, whose provider could use the user’s IP address for other purposes than the transfer of content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as web beacons) for statistical or marketing purposes. Pixel tags can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user's device and may include technical information about the browser and operating system, referring websites, visiting time and other information about the use of our online offer, as well as may be linked to such information from other sources. c. The following presentation provides an overview of third-party providers and their contents, together with links to their data protection declarations, which contain further information on the processing of data and, in some cases already mentioned here, possibilities of objection (so-called opt-out):

• External fonts from Google, Inc, https://www.google.com/fonts (Google Fonts). The integration of the Google Fonts takes place via a server call to Google (usually in the USA). Privacy Policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/.

9. Rights of users

a. Users have the right, upon request and free of charge, to receive information about the personal data that we have stored about them.
b. b. In addition, users have the right to correct inaccurate data, to limit the processing and deletion of their personal data, if applicable, to assert their rights to data portability and, in the event of the assumption of unlawful data processing, to file a complaint with the competent supervisory authority.
c. Likewise, users can revoke consent at any time.

10. Deletion of data

a. The data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no legal obligations to keep it in safekeeping. If the user's data is not deleted because it is necessary for legally permissible purposes, their processing is restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to user data that must be retained for commercial or tax reasons.
b. In accordance with statutory requirements, the records are kept for 6 years in accordance with § 257 (1) HGB (trading books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years in accordance with § 147 (1) AO (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.)

11. Changes to this Privacy Policy

a. We reserve the right to change the data protection declaration in order to adapt to amended legal circumstances, or in the event of changes to the service or data processing procedure. However, this only applies with regards to declarations on data processing. If a user’s consent is required or components of the data protection declaration contain provisions of the contractual relationship with the users, the changes will only be made with the users' consent.
b. Users are asked to inform themselves regularly about the contents of the data protection declaration.

12. Right of objection

Users can object to any future processing of their personal data in accordance with legal requirements at any time. The objection may be lodged against processing for direct marketing purposes.